The Microsoft has re-released a patch for CVE-2017-8529 to fix a print issue related to this vulnerability. The patch is not fully applied unless certain registry keys are set even after installing the respective Operating System patches. This article describes the steps to update registry settings to be fully protected from this vulnerability.

In Registry Editor, locate the following registry path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\

Right-click FeatureControl, point to New, and then click Key.

Type FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX, and then press Enter to name the new subkey.

Right-click FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX, point to New, and then click DWORD Value.

Type “iexplore.exe” for the new DWORD value.

Double-click the new DWORD value named iexplore.exe and change the Value data field to 1.

Click OK to close

Please refer below image for registry changes.

Automate Patching with Saner:

Saner can automate the above patching across the organization with ease. Click here to explore patching steps using Saner.

Saner Personal Users:

Follow the below steps to fully patch this vulnerability.
1. Download the sp_cve-2017-8529_print_info_dis_reg_fix.zip zip file and unzip to get sp_cve-2017-8529_print_info_dis_reg_fix.exe
2. Open the cmd.exe as an ‘administrator’
3. Go the path where sp_cve-2017-8529_print_info_dis_reg_fix.exe is extracted
4. Run the below command with “/S” silent option to fully patch this vulnerability.C:\>sp_cve-2017-8529_print_info_dis_reg_fix.exe /S

These steps will resolve this vulnerability completely. Saner will stop reporting about this vulnerability from the next manual or scheduled scan.